Abstractions for Usable Information Flow Control in Aeolus
Winnie Cheng, IBM Research; Dan R.K. Ports and David Schultz, MIT CSAIL; Victoria Popic, Stanford; Aaron Blankstein, Princeton; James Cowling and Dorothy Curtis, MIT CSAIL; Liuba Shrira, Brandeis; Barbara Liskov, MIT CSAIL
Despite the increasing importance of protecting confidential data, building secure software remains as challenging as ever. This paper describes Aeolus, a new platform for building secure distributed applications. Aeolus uses information flow control to provide confidentiality and data integrity. It differs from previous information flow control systems in a way that we believe makes it easier to understand and use. Aeolus uses a new, simpler security model, the first to combine a standard principal-based scheme for authority management with thread-granularity information flow tracking. The principal hierarchy matches the way developers already reason about authority and access control, and the coarse-grained information flow tracking eases the task of defining a program’s security restrictions. In addition, Aeolus provides a number of new mechanisms (authority closures, compound tags, boxes, and shared volatile state) that support common design patterns in secure application design.
author = {Winnie Cheng and Dan R.K. Ports and David Schultz and Victoria Popic and Aaron Blankstein and James Cowling and Dorothy Curtis and Liuba Shrira and Barbara Liskov},
title = {Abstractions for Usable Information Flow Control in Aeolus},
booktitle = {2012 USENIX Annual Technical Conference (USENIX ATC 12)},
year = {2012},
isbn = {978-931971-93-5},
address = {Boston, MA},
pages = {139--151},
url = {https://www.usenix.org/conference/atc12/technical-sessions/presentation/cheng},
publisher = {USENIX Association},
month = jun
}